Re: [PATCH] x86: Lock down MSR writing in secure boot

From: Matthew Garrett
Date: Wed Feb 13 2013 - 13:51:44 EST


On Wed, 2013-02-13 at 10:44 -0800, H. Peter Anvin wrote:

> So people have piggybacked completely inappropriate junk onto
> CAP_SYS_RAWIO. Great. What the hell do we do now? We can't break
> apart CAP_SYS_RAWIO because we don't have hierarchical capabilities.

Yeah. Like I said, it's approximately useless.

> We thus have a bunch of unpalatable choices, **all of which are wrong**.
>
> This, incidentally, is *exactly* the reason I object to
> CAP_COMPROMISE_KERNEL as well... it describes a usage model, not a resource.

Like I said, I'm not wed to a capability-based model. However, it does
seem marginally more attractive than sprinkling if (!secure_boot) all
over the place. If anyone has alternatives, this would be a great time
to raise them.

--
Matthew Garrett | mjg59@xxxxxxxxxxxxx